Attackers sometimes deploy complex "finger-printing" tools
to determine server type. By submitting non-standard HTTP requests (like
DELETE requests) and broken HTTP headers, they can heuristically determine
the likely server type by examining how it responds in these
ambiguous situations.
